[nycphp-talk] Fault tolerant server architecture

Hans Zaunere lists at zaunere.com
Sat Jan 21 02:58:38 EST 2006



Cliff Hirsch wrote on Thursday, January 19, 2006 11:11 AM:
> Ok, so this may be a bit off topic, but I am trying to determine a cost
> effective architecture for a classic PHP/MySQL site that is fault
> tolerant and can scale-out if needed.

You and the rest of the known universe :)

> At one extreme I view the minimum configuration as a simple dedicated
> server.

A dedicated server is a single point of failure, and thus not fault
tolerant.  A double failure (meaning two distinct system-layers fail) is
generally acceptable, even in the most restrictive circumstances.

> But being a bit paranoid, at the other extreme, I have been getting
> quotes for a configuration that uses a Firewall, load balancer, two web
> servers, and two database servers (one master, one slave for backups). Of
> course with additional backups (local & offsite), RAID, hot swap power
> supplies, etc. I skipped the armed guards, tasers, and off planet
> options. And so far, I am ignoring the people that are telling me that if
> I want to be really serious, I should use Oracle, not MySQL.

Well, that's not that far off.  For real fault-tolerance, duplicity is a
must.  This means redundant servers, network routes, and frankly geographic
locations with route awareness.  Fault tolerance (or paranoia) can be quite
high, and expensive.

In terms of the database to use, that's an always interesting discussion.
Depending on the level of fault tolerance you're trying to achieve, it comes
down more to physical concerns, rather than software related, or logical,
ones.  That said, some software can more robustly handle failures in various
layers than others.

> If I could stick this in my basement, the price wouldn't even be so bad.
> But that's not realistic. With a managed service provider, the charge is
> thousands per month. With co-location -- don't know. Haven't priced it
> and then I need a sysadmin anyway. Co-lo isn't cheap either.   
> 
> I would be funding this out of my own pocket. Am I nuts? What are other

Yeah...

> people doing to ensure availability at a reasonable price point?

It's all about the nines, as in five-nines (99.999%).  Depending on the
client, you need to establish a service level agreement that dictates the
availability requirements.

About the nines:  http://en.wikipedia.org/wiki/The_Myth_of_the_Nines

I've recently completed an engagement with a US military branch, and long
story short, availability is obviously a concern.  At the end of the day,
fault tolerance, and thus the ability to be highly available, comes down to
the combination of multiple layers, i.e., software, architecture,
infrastructure, and physical location.  That combination equates to the
number of nines you're willing to commit to, and thus the cost.

So what's a reasonable price point?  Well, for the average eCom site, it
means a backed-up dedicated server that can survive even a total hardware
failure of the server itself.  In the average co-lo environment, this
equates to two or three nines, meaning that you can have the service
restored within 24 hours, and without considerable loss of persistent data.


---
Hans Zaunere / President / New York PHP
   www.nyphp.org  /  www.nyphp.com




